Moved the copying of the ATS Signing Certificate to the init.d script

because the CasaAuthTokenSvc webapp folder is not created until after Tomcat is started.
2007-06-01 17:56:42 +00:00 · 2007-06-01 17:56:42 +00:00 · 718b0fda28
commit 718b0fda28
parent ef99031e7e
3 changed files with 27 additions and 4 deletions
--- a/CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD
+++ b/CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD
@ -115,6 +115,24 @@ StartDAEMON()
    sleep 1
    if atsIsRunning ; then
      rc_failed 0
+
+      # Check if we need to copy the Signing Certificate to the webapp folder
+      if [ ! -f /srv/www/casaats/webapps/CasaAuthTokenSvc/SigningCert ]; then
+        # Wait a max of 60 seconds for the webapp folder to be created
+          wait_sec=60
+          while [ "$wait_sec" != "0" ] ; do
+            sleep 1
+            if [ -d /srv/www/casaats/webapps/CasaAuthTokenSvc ]; then
+              # The folder was created, end the loop
+              wait_sec=0
+              break
+            fi
+            wait_sec=$((wait_sec -1))
+          done
+
+          # Copy the signing certificate to the webapps folder so that it can be downloaded from the ATS
+          cp /etc/CASA/authtoken/keys/localSigningCert /srv/www/casaats/webapps/CasaAuthTokenSvc/SigningCert
+      fi
    else
      rc_failed 7
    fi    
@ -136,7 +154,7 @@ StopDAEMON()
    while [ "$wait_sec" != "0" ] ; do
      sleep 1
      if ! atsIsRunning ; then
-        # the server is stoped, end the loop
+        # the server is stopped, end the loop
        wait_sec=0
        break
      fi
--- a/CASA-auth-token/server-java/Svc/linux/server_keystore_setup.sh
+++ b/CASA-auth-token/server-java/Svc/linux/server_keystore_setup.sh
@ -68,9 +68,6 @@ else
   # Print the exported cert
   #$KEYTOOL_PATH -printcert -file $LOCAL_ATS_SIGNING_CERT_PATH

-   # Allow the signing certificate to be downloaded from the ATS
-   cp $LOCAL_ATS_SIGNING_CERT_PATH /srv/www/casaats/webapps/CasaAuthTokenSvc/SigningCert
-
   # Import the signing certificate into the trusted ATS keystore
   $KEYTOOL_PATH -import -noprompt -keystore $TRUSTED_ATS_KEYSTORE_PATH -alias local_signingCert -storepass secret -keypass secret -file $LOCAL_ATS_SIGNING_CERT_PATH

--- a/CASA-auth-token/yast2-casa-ats/package/yast2-casa-ats.changes
+++ b/CASA-auth-token/yast2-casa-ats/package/yast2-casa-ats.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Fri May 18 16:02:10 MDT 2007 - jluciani@novell.com
+
+- Fixed issue that would allow Proxy User Credentials to remain
+  in the miCASA store even though the related REALM has been
+  removed from the server's configuration. This takes care of
+  BUG276396. 
+
 -------------------------------------------------------------------
 Thu May 17 09:45:18 MDT 2007 - jluciani@novell.com